Re: [chrony-dev] Support for another crypto hash?

[ Thread Index | Date Index | More chrony.tuxfamily.org/chrony-dev Archives ]


On 19/10/2011 11:30, Miroslav Lichvar wrote:
> On Tue, Oct 18, 2011 at 06:48:28PM +0100, Ed W wrote:
>> On 17/10/2011 12:25, Miroslav Lichvar wrote:
>>> Another way would be to use a crypto library like nss (we can't use
>>> openssl as it's not compatible with GPL) and allow user to select any
>>> hash supported by the library. 
>>>
>> How about libtomcrypt?  Used for dropbear amongst other things.  Public
>> domain so you can repackage it under any licence you feel fit including GPL
>>
>> http://libtom.org/?page=features&whatfile=crypt
> It seems it's no longer developed/maintained. The last changelog entry
> is from 2007.

Are you guys looking at some other project?

https://github.com/libtom/libtomcrypt/commits/master

I think it's fair to say that it's in maintenance mode. Whether that's
an issue I'm not sure.  I think I mentioned it's used by dropbear - for
sure that's in maintence mode also, but it's also fairly widely used

> I've looked at the NSS libraries and I'm quite happy with the
> NSSLOWHASH API and the libfreebl3 library. It's fairly small, it's
> already used by other applications running on my system (e.g.
> dhclient) and it has been FIPS validated.

Cool - NSS is widely used. Should be sold. (although serious bugs found
recently)

Great to hear this is going ahead!

Ed W

---
To unsubscribe email chrony-dev-request@xxxxxxxxxxxxxxxxxxxx with "unsubscribe" in the subject.
For help email chrony-dev-request@xxxxxxxxxxxxxxxxxxxx with "help" in the subject.
Trouble?  Email listmaster@xxxxxxxxxxxxxxxxxxxx.


Mail converted by MHonArc 2.6.19+ http://listengine.tuxfamily.org/